CVE-2026-49316

Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module WCM into the CAN bus-off state. Using a well-known CAN...

CVE-2026-46112 RDMA/hns: Fix unlocked call to hns_roce_qp_remove()

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of current instead of waiter::task in the removewaiter function within the rtmutex. This...

EUVD-2026-27743

In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain under /sys/class/gpio because once we remove the pare...

CVE-2026-43181 gpio: sysfs: fix chip removal with GPIOs exported over sysfs

In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain under /sys/class/gpio because once we remove the pare...

Flexense SysGauge Pro 安全漏洞

Flexense SysGauge Pro is a system analysis tool developed by Flexense Corporation, designed for real-time monitoring of system performance and resource usage. Version 4.6.12 of Flexense SysGauge Pro contains a security vulnerability. This vulnerability stems from a local buffer overflow in the...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a problem where controller registration fails, leading to the reuse of freed resources after release...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the qdiscresetalltxgt operation and the unlocked queue dequeue operation...

Easy MP3 Downloader 安全漏洞

Easy MP3 Downloader is a music download software developed by Easy MP3 Downloader Inc. Version 4.7.8.8 of Easy MP3 Downloader has a security vulnerability. This vulnerability stems from a buffer overflow in the unlocked code field, which could allow local attackers to cause the application to cra...

PT-2026-26399

Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...

PT-2026-5349

In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

Espressif ESP-IDF 安全漏洞

Espressif ESP-IDF is an IoT development framework from China Loxin Espressif. A security vulnerability exists in Espressif ESP-IDF versions prior to 1.1.0, which stems from a USB event callback and user code sharing state without locking, which could lead to a double release...

CVE-2024-34649

Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unlocked PCM memory allocation check, which could result in allocating more memory than the maximum limit...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unlocked access to shared variables, which could lead to data contention...

CVE-2025-43423

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, visionOS 26.1. An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive...

CVE-2025-43423

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, visionOS 26.1. An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive...

CVE-2025-43423

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, visionOS 26.1. An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive...